#1  
Old 20th September 2009, 15:24
avanmessen avanmessen is offline
Junior Member
 
Join Date: Jul 2008
Posts: 12
Thanks: 0
Thanked 2 Times in 2 Posts
Default Can' t get SSL to work ...

Hello !

Here' s what I did :

PHP Code:
openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req 
-new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req 
-x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa 
-passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 
/root/ispconfig/httpd/conf/ssl.key/server.key 
To recreate the server.crt file with correct settings.

Bought a cerificate from rapidssl.com, sent them the
contents of server.csr, replaced the contents of the
server.crt file with the certificate I received in return
from rapidssl.com and restarted ispconfig_server.

Seems httpd won' t start anymore.

Replaced server.crt with a backup I made before, all Ok.

What am I missing ?



Certificate is intended for the admin pages and webmail.
Reply With Quote
Sponsored Links
  #2  
Old 21st September 2009, 10:12
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,006
Thanks: 826
Thanked 5,377 Times in 4,224 Posts
Default

Any errors in the error log or ssl log of the ispconfig webserver (these logfiles are in /root/ispconfig/httpd/.....).
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 21st September 2009, 11:17
avanmessen avanmessen is offline
Junior Member
 
Join Date: Jul 2008
Posts: 12
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Hi Till !

The error_log says :

Quote:
[Sun Sep 20 18:22:59 2009] [error] mod_ssl: SSL handshake failed (server server1.example.com:81, client 81.242.249.38) (OpenSSL library error follows)
[Sun Sep 20 18:22:59 2009] [error] OpenSSL: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
The ssl_request_log says :

Quote:
[20/Sep/2009:18:23:15 +0200] 81.242.249.38 TLSv1 DHE-RSA-AES256-SHA "GET /desig$
Obviously my server isn' t "server1.example.com", thought
that would be replaced when I recreated the server.csr ?!
Guess that would be the problem ? Am I on the right track ?

Reply With Quote
  #4  
Old 23rd September 2009, 17:44
avanmessen avanmessen is offline
Junior Member
 
Join Date: Jul 2008
Posts: 12
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Still no joy ! Anyone to help me out with this ?

Reply With Quote
  #5  
Old 25th September 2009, 20:58
avanmessen avanmessen is offline
Junior Member
 
Join Date: Jul 2008
Posts: 12
Thanks: 0
Thanked 2 Times in 2 Posts
 
Default

Is there any commercial support available for ISPConfig ?
I still can' t get it to work, have read through pages and
pages of forum posts, tried a LOT of stuff to no avail ...

I paste the official certificate in server.crt and restart the
ispconfig_server and apache just dies on me !

Forgot to mention I use a vmware appliance that I got
pre-installed, that' s why there' s some errors in naming
of the server e.g.

It would be such a pain to reinstall from scratch, even
more to migrate the sites and e-mail for the many users.

Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssl doesn't work with firefox li0nheart Installation/Configuration 2 27th December 2008 19:57
Problem getting squirrelmail to work with SSL (https) jkarlsen Installation/Configuration 3 6th October 2008 19:40
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
Can't get SSL Cert to work rbartz Installation/Configuration 4 23rd April 2006 09:32
Courier IMAP & POP without SSL work, but not with SSL. Traxus Installation/Configuration 15 4th April 2006 18:50


All times are GMT +2. The time now is 22:06.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.